Mapping the Attack Surface of Telecommunication Networks from the Public Internet

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.advisorRao, Siddharth
dc.contributor.authorRathi, Jayshree
dc.contributor.schoolPerustieteiden korkeakoulufi
dc.contributor.supervisorAura, Tuomas
dc.date.accessioned2023-09-03T17:03:27Z
dc.date.available2023-09-03T17:03:27Z
dc.date.issued2023-08-21
dc.description.abstractThe telecommunications sector is increasingly connected to the Internet, resulting in an expanded attack surface accessible from the public Internet. This has increased the availability of information such as IP addresses, open ports, and other network details that anyone from the Internet can access. As a result, potential entry points for attackers have increased, making it essential to map the attack surface of telecommunication networks from the public Internet. While previous research has explored various tools and techniques for mapping the attack surface of the Internet of Things (IoT) and Industrial Control Systems (ICS), such techniques have not yet been extended to the telecommunications domain. This thesis aims to comprehensively map the attack surface of telecommunications operators from the public Internet. To achieve this, we conducted a thorough literature review and proposed a methodology for mapping the attack surface explicitly designed for the telecommunications sector. First, we devised a research workflow that outlines the steps involved in the methodology. Second, we developed a Python-based tool to automate the workflow. We used the tool for a particular mobile network operator. It successfully gathered DNS records, IP addresses, exposed ports, services, Autonomous System Numbers (ASN), server versions, and potential vulnerabilities. The collected data provides valuable insights into the network infrastructure of the operator, aiding in the understanding of potential security risks.en
dc.format.extent58
dc.format.mimetypeapplication/pdfen
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/123161
dc.identifier.urnURN:NBN:fi:aalto-202309035498
dc.language.isoenen
dc.programmeMaster’s Programme in Security and Cloud Computing (SECCLO)fi
dc.programme.majorSecurity and Cloud Computingfi
dc.programme.mcodeSCI3113fi
dc.subject.keywordattack surface mappingen
dc.subject.keywordtelecommunicationen
dc.subject.keywordpassive reconnaissanceen
dc.subject.keywordmobile network operatoren
dc.subject.keywordpublic interneten
dc.titleMapping the Attack Surface of Telecommunication Networks from the Public Interneten
dc.typeG2 Pro gradu, diplomityöfi
dc.type.ontasotMaster's thesisen
dc.type.ontasotDiplomityöfi
local.aalto.electroniconlyyes
local.aalto.openaccessyes
Files